diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-06-26 08:53:15 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-06-26 08:53:15 +0200 |
commit | 03e1d273acf3c182da69013288eda3a8f274153b (patch) | |
tree | e46e0008eac23c2c8b21d818995e735f2c91e50e /src | |
parent | 037aa93f493648f6e99b796fce920ec63dbc994e (diff) | |
download | vyos-1x-03e1d273acf3c182da69013288eda3a8f274153b.tar.gz vyos-1x-03e1d273acf3c182da69013288eda3a8f274153b.zip |
Revert "ipsec: T3643: move swanctl.conf to /run"
This reverts commit 95bbbb8bed92a60a320ff255c8b8656145f3c540.
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/vpn_ipsec.py | 2 | ||||
-rwxr-xr-x | src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook | 2 | ||||
-rw-r--r-- | src/etc/systemd/system/ipsec.service.d/override.conf | 7 | ||||
-rwxr-xr-x | src/op_mode/vpn_ipsec.py | 4 |
4 files changed, 4 insertions, 11 deletions
diff --git a/src/conf_mode/vpn_ipsec.py b/src/conf_mode/vpn_ipsec.py index 535e633ed..433c51e7e 100755 --- a/src/conf_mode/vpn_ipsec.py +++ b/src/conf_mode/vpn_ipsec.py @@ -386,7 +386,7 @@ def generate(ipsec): render("/etc/ipsec.conf", "ipsec/ipsec.conf.tmpl", data) render("/etc/ipsec.secrets", "ipsec/ipsec.secrets.tmpl", data) render("/etc/strongswan.d/interfaces_use.conf", "ipsec/interfaces_use.conf.tmpl", data) - render("/run/swanctl/swanctl.conf", "ipsec/swanctl.conf.tmpl", data) + render("/etc/swanctl/swanctl.conf", "ipsec/swanctl.conf.tmpl", data) def resync_l2tp(ipsec): if ipsec and not ipsec['l2tp_exists']: diff --git a/src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook b/src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook index 7b3a18afa..a7a9a2ce6 100755 --- a/src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook +++ b/src/etc/dhcp/dhclient-exit-hooks.d/ipsec-dhclient-hook @@ -38,7 +38,7 @@ import re from vyos.util import call from vyos.util import cmd -SWANCTL_CONF="/run/swanctl/swanctl.conf" +SWANCTL_CONF="/etc/swanctl/swanctl.conf" def getlines(file): with open(file, 'r') as f: diff --git a/src/etc/systemd/system/ipsec.service.d/override.conf b/src/etc/systemd/system/ipsec.service.d/override.conf deleted file mode 100644 index e8c0872b5..000000000 --- a/src/etc/systemd/system/ipsec.service.d/override.conf +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -ConditionPathExists=/run/swanctl/swanctl.conf -After= -After=vyos-router.service - -[Service] -Environment="SWANCTL_DIR=/run/swanctl" diff --git a/src/op_mode/vpn_ipsec.py b/src/op_mode/vpn_ipsec.py index 68eb5e473..dd5a85ed3 100755 --- a/src/op_mode/vpn_ipsec.py +++ b/src/op_mode/vpn_ipsec.py @@ -33,7 +33,7 @@ X509_CONFIG_PATH = '/etc/ipsec.d/key-pair.template' X509_PATH = '/config/auth/' IPSEC_CONF = '/etc/ipsec.conf' -SWANCTL_CONF = '/run/swanctl/swanctl.conf' +SWANCTL_CONF = '/etc/swanctl/swanctl.conf' def migrate_to_vyatta_key(path): with open(path, 'r') as f: @@ -90,7 +90,7 @@ def generate_x509_pair(name): return result = os.system(f'openssl req -new -nodes -keyout {X509_PATH}{name}.key -out {X509_PATH}{name}.csr -config {X509_CONFIG_PATH}') - + if result != 0: print(f'Could not generate x509 key-pair: {result}') return |